From the Blog

Malware
Data Protection
Peter

SB Tech Breach

Last week saw SB Tech Breached by the hacking group Maze. It seems that every week the group are announcing more victims.  GameOn asked our CEO Peter Bassill, to give us some insight into the attack. The GameOn article is here.

Read More »
Continual Cyber Assurance
Stuart Coulson

What to do When Plan-b Fails

Life has a habit of throwing curve balls at us. Unexpected events that change our daily lives. Businesses try to reduce the impact of these events and put in place contingency budgets, insurance and emergency planning documents. But what happens when those plans fail too?

Read More »
Malware
Assurance
Peter

Chubb Cyber Ransomware Attack

Chubb Cyber Ransomware Attack? Really? Well yes. It seem that, according the operations of Maze Ransomware, there really was a Chubb Cyber Ransomware Attack.

Read More »
General Electric Breach
Data Protection
Peter

General Electric Breach

In a surprising announcement Fortune 500 technology giant General Electric (GE), an organisation that should have this all sown up, disclosed that personally identifiable information of current and former employees, as well as beneficiaries, was exposed in a security incident experienced by one of GE’s service providers. Shock, Horror, Information Security in the supply chain yet again.

Read More »
Data Protection
Peter

NutriBullet Hack

NutriBullet has become the latest Magecart victim with skimmer code planted within their domain in order to steal customer financial data. RiskIQ published their research on Wednesday of this week, and it make very good reading.

Read More »
Assurance
Michael

Intel Vulnerability Enables Multiple Issues

Intel is warning users of a high severity flaw found within their firmware of it’s ‘Converged Security and Management Engine’ (CSME) which is used to power Intel’s ‘Active Management System’ hardware for the purpose of remote out-of-band management to consumers. This flaw could enable an attacker to conduct Privilege Escalation, Information Disclosure and Denial of Service.

Read More »
Data Protection
Michael

Dell SupportAssist-ing Hackers

A recent vulnerability found in Dell’s SupportaAssist software found that if exploited correctly can lead to code execution for unprivileged users. This is known as an uncontrolled search path vulnerability (CVE-2020-5316).

Read More »
News
Michael

Android Bluetooth Critical RCE Flaw

A recent vulnerability was found by researchers from a German security firm. Fixes are available via the Android February 2020 Security Bulletin. The bug is identified as CVE-2020-002; when exploited can result in remote-code-execution without any user interaction with elevated privileges.

Read More »
Data Protection
Michael

WhatsApp? WhatsPatch? WhatsCrack? | WhatsApp Critical Flaw

A security researcher by the name of Gal Weizman from PerimeterX found multiple flaws within WhatsApp that could potentially lead to remote-code-execution (RCE). The flaws enabled vulnerabilities such as Open-Redirect, Persistent-XSS, CSP-Bypass and read privileges from the Local File System (LFS).

Read More »
Scroll to Top